The Hacker News Logo
Subscribe to Newsletter

Android malware - Works on remote commands form encrypted blog

Android malware - Works on remote commands form encrypted blog
Researchers from Trend Micro have spotted a piece of malicious software for Android. This is the first known Android malware that reads blog posts and interprets these as commands. It can also download and install additional applications, therefore further compromising the affected device.

Trend Micro calls the malware "ANDROIDOS_ANSERVER.A." If the application is installed, it asks for a variety of permissions. If those are granted, it can then make calls, read log files, write and receive SMSes and access the Internet and network settings, among other functions. This backdoor may be unknowingly downloaded by a user while visiting malicious websites. It may be manually installed by a user.

"This is a blog site with encrypted content, which based on our research, is the first time Android malware implemented this kind of technique to communicate," wrote Karl Dominguez, a Trend Micro threat response engineer.

We recommend that users should be cautious when downloading Android applications from third party application stores due to the number of rogue applications that have been found.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.